MSMQ Transport

Configuring the endpoint

MSMQ is the default transport used by NServiceBus. Therefore when using MSMQ the transport configuration for the endpoint need not be specified. However if the connection string needs to be configured via code, it can be done as shown. In the example below the dead letter queue configuration is turned off.

Advantages

MSMQ is natively available as part of the Windows operating system. In Windows servers, the MSMQ role might need to be turned on.

MSMQ offers transactional queues which also support distributed transactions. With the transactional behavior, it is possible to get exactly-once delivery.

MSMQ provides a store and forward mechanism. Therefore it promotes a more natural bus-style architecture. When sending messages to unavailable servers, the messages are stored locally in the outgoing queues and will be automatically delivered once the machine comes back online.

Disadvantages

MSMQ does not offer a native Publish-Subscribe mechanism, therefore it requires NServiceBus persistence to be configured for storing event subscriptions. Explicit routing for publish/subscribe must also be specified.

Many organizations don't have the same level of operational expertise with MSMQ, as for example with SQL Server, so it may require additional training. For example, as MSMQ is not a broker transport, the messages could be on different servers, and managing the storage space on each machine is important.

MSMQ Configuration

NServiceBus requires a specific MSMQ configuration to operate.

The supported configuration is to only have the base MSMQ service installed with no optional features. To enable the supported configuration either use NServiceBus Prerequisites in the Platform Installer or use the Install-NServiceBusMSMQ cmdlet from the NServiceBus PowerShell Module.

Alternatively, the MSMQ service can be manually installed:

Windows 2012

From Server Manager's Add Roles and Features Wizard enable Message Queue Server. All other MSMQ options should be disabled.

Windows 8.x and 10

From the Control Panel, choose Programs. Then run the Windows Features Wizard by click on Turn Windows Features On or Off. Enable Microsoft Message Queue (MSMQ) Server Core. All other MSMQ sub-options should be disabled.

MSMQ Machine name limitation

MSMQ clustering

MSMQ clustering works by having the active node running the instance of the MSMQ service and the other nodes being cold standbys. On failover, a new instance of the MSMQ service has to be loaded from scratch. All active network connections and associated queue handles break and have to be reconnected. Any transactional processing of messages aborts, returning the message to the queue after startup.

So downtime is proportional to the time taken for the MSMQ service to restart on another node. This is affected by how many messages are in currently storage, awaiting processing.

Public Queues

Although MSMQ has the concept of both Public and Private queues. Public queues require Active Directory as a pre-requisite and are also not available in a workgroup environment. Therefore, NServiceBus only supports private queues and uses the path name addressing scheme for all its routing. Installing MSMQ with Active Directory may in some cases interfere with the addressing scheme when sending messages and for this reason, it is recommended not to include Active Directory when installing MSMQ.

Permissions

Group

Permissions

Granted by NServiceBus

Granted by Windows 2012+

Owning account

Send, Receive, Peek

All versions

Domain & Workgroup mode

Administrators

Full

All versions

None

Anonymous

Send

Versions 6.0.x and below

Workgroup mode

Everyone

Send

Versions 6.0.x and below

Workgroup mode

In versions 6.1.0 and above, the NServiceBus installers will not automatically grant permissions to the Anonymous and Everyone group. The installer will respect the existing queue permissions that have been set up for the endpoint queue. The permissions granted to Anonymous and Everyone groups are based on standard windows behavior and not anymore via NServiceBus.

Any endpoint that sends a message to a target endpoint requires the Send permission to be granted for the sending user account on the target queue. For example, if an endpoint A is running as userA and is sending a message to endpoint B, then userA requires the Send permission to be granted on endpoint B's queue. When using messaging patterns like request-response or publish-subscribe, the queues for both the endpoints will require Send permissions to be granted to each others user accounts.

When an endpoint creates a queue on a machine, permissions depend on whether the server is joined to a domain or a workgroup due to Windows behavior.

Domain mode

If the machine is joined to a domain, then at the time of queue creation, only the domain user that created the queue will have Send permissions granted. The Everyone user group and Anonymous user group will NOT have Send permissions. If all the endpoints which need to communicate are running under the same domain account, no further configuration is required. However, if the endpoints are run using different domain accounts, then the Send permission on the receiving endpoint's input queue needs to be explicitly granted to the domain user account of the sending endpoint.

Workgroup mode

If the machine is connected to a workgroup, then the Send permission is granted to the Everyone and Anonymous user groups by Windows. Any endpoint will be able to send messages to any other endpoint without further configuration.

Well-Known group names and Queue access rights

To increase security and further lock down MSMQ send/receive permissions remove Everyone and Anonymous and grant specific permissions to the subset of accounts that need them.

In Versions 6 and above, if the default queue permissions are set, a log message will be written during the endpoint startup, reminding that the queue has default permissions and might require stricter permissions for production. During development, if running with an attached debugger, this message will be logged as INFO level, otherwise WARN.

An example of the warning that is logged:

WARN NServiceBus.QueuePermissions - Queue [private$\xxxx] is running with [Everyone] with AccessRights set to [GenericWrite]. Consider setting appropriate permissions, if required by the organization. For more information, consult the documentation.